Popular projects

Firmware SecurityThunderstrike is a proof-of-concept EFI firmware rootkit for Apple's MacBooks that I wrote while researching boot-time security on these popular laptops. First announced at 31C3 in Hamburg, partially fixed by Apple in Yosemite 10.10.2. I collaborated with Xeno Kovah and Corey Kallenberg on Thunderstrike 2, a software-only extension to the original vulnerability, that was presented at Blackhat / DEFCON 2015.